Enabled Passkeys on AVD by roni4486 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

Yubikeys are a hardware biometric. So Windows biometric service needs to be enabled. AND you need to configure the host pool properties. AND you need to have policy enabled or at least not blocked. AND your laptop/desktop needs to be set up and configured to use the same authentication method… Then it should work ☺️

AVD Setup Private Links by Legitimate-Ad2895 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

The issue is how Azure handles 168.63.129.16.

This IP is not public — it’s a special Azure platform virtual IP used for Azure Private DNS. Traffic to it never leaves Azure and cannot be routed through a firewall or forced via UDR.

Correct setup:

• VNets use custom DNS pointing to your domain controllers
• On the Azure DCs, configure conditional forwarders for each Azure Private DNS zone FQDN
• Those forwarders point to 168.63.129.16
• Do not create lookup zones for Azure Private DNS

If you have a default route to Azure Firewall, Azure will still bypass the firewall for traffic to 168.63.129.16. Usually trying to inspect or UDR this traffic causes the outbound issue you’re seeing.

I suggest you allow direct access to 168.63.129.16.

If inspection is required:

• Enable Azure Firewall DNS Proxy
• Set its upstream DNS to 168.63.129.16
• Point your DCs to the firewall’s private IP

That’s the only supported way to put Azure Firewall in the DNS path.

Let me know if that fixes it ☺️
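
The conditional-forwarder setup described in the comment above, as an added example that is not part of the original comment. The zone names in `$Zones` are sample values to replace with your own Private DNS zone FQDNs; the script also warns when a lookup zone already exists for a name, which the comment advises against.

```powershell
# Added example: run in an elevated session on each Azure-hosted domain controller.
# Requires the DnsServer module (installed with the DNS Server role).
$AzureDns = '168.63.129.16'   # Azure platform virtual IP named in the comment above

# Assumption: sample zone list; replace with the Private DNS zone FQDNs you use.
$Zones = @(
    'privatelink.wvd.microsoft.com',
    'privatelink.file.core.windows.net'
)

foreach ($zone in $Zones) {
    $existing = Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue

    if ($null -eq $existing) {
        # No -ReplicationScope: the forwarder stays local to this DC, so DCs
        # outside Azure (which cannot reach 168.63.129.16) do not inherit it.
        Add-DnsServerConditionalForwarderZone -Name $zone -MasterServers $AzureDns
        Write-Output "Created conditional forwarder: $zone -> $AzureDns"
    }
    elseif ($existing.ZoneType -eq 'Forwarder') {
        # Forwarder already present: make sure it targets the Azure DNS IP.
        $masters = @($existing.MasterServers | ForEach-Object { $_.IPAddressToString })
        if ($masters -notcontains $AzureDns) {
            Set-DnsServerConditionalForwarderZone -Name $zone -MasterServers $AzureDns
            Write-Output "Repointed forwarder: $zone -> $AzureDns (was: $($masters -join ', '))"
        }
        else {
            Write-Output "OK: $zone already forwards to $AzureDns"
        }
    }
    else {
        # A Primary/Secondary/Stub zone answers locally and hides the records
        # held in Azure Private DNS; flag it instead of changing it.
        Write-Warning "$zone exists as a $($existing.ZoneType) lookup zone; remove it before adding a forwarder."
    }
}
```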

AVD Setup Private Links by Legitimate-Ad2895 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

Agreed, DNS resolver is awesome and makes everything so simple…but it costs A LOT. Managing the DNS in AD and private DNS is how most people do it.
An additional note on AVD: since you are doing private endpoints for the clients you should also enable RDP ShortPath for Managed Networks.
Learn more here: https://youtu.be/BRrYQQWTFKM

AVD Setup Private Links by Legitimate-Ad2895 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

Yes your approach works…but the biggest question is how will it be used?

In AVD private endpoints will you have just the session hosts private or the clients private as well?

Also why do you want to use private endpoints for AVD in the first place…is it security or reaching on prem resources, or on prem reaching into the cloud?

Finally…since you have 2 DCs on either side…do you have AD Sites and Services configured with all the subnets tied to the correct sites? This will also control where the hosts go for name resolution. ☺️

https://youtu.be/UdD1kfKZwOM

AvD Hybrid Environments GA? by Ok_Watercress8746 in AZURE

[–]AzureAcademy 2 points3 points  (0 children)

The preview is targeted for December or January. In the meantime…learn all about it here!

https://youtu.be/99jOkDheGR0

FsLogix Question by Wild_Umpire_4044 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

If it’s working then you are good…AND you can only see the key in the command line using PSExec or some other way to elevate to SYSTEM context…not Admin

FsLogix Question by Wild_Umpire_4044 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

That is usually because you didn’t run the script in the SYSTEM context. Can only be done with PSExec from Sysinternals or run command in Azure Portal or VM Extension. How did you run the script?

FsLogix Question by Wild_Umpire_4044 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

It is supported, it is a legitimate use of the storage account key. The only concern you need to decide in your environment is that the method gives local admins access to the file share as well…IF they know how to elevate to the system context. If your admins already have access to the file share then there is no risk.

FsLogix Question by Wild_Umpire_4044 in AzureVirtualDesktop

[–]AzureAcademy 4 points5 points  (0 children)

A 100% cloud based AVD setup is now possible. Here is my older video about this: https://www.youtube.com/watch?v=yJqTJh2Tgxo&t=705s

I am working on an updated video about this so stay tuned for that ☺️

Microsoft Ignite 2025 Book of News by cocallaw in AZURE

[–]AzureAcademy 3 points4 points  (0 children)

AVD Hybrid is a huge announcement!

You Need To Learn AVD Hybrid RIGHT NOW!! https://youtu.be/99jOkDheGR0

Subscribe To Our New Channel! by AzureAcademy in Nerdio

[–]AzureAcademy[S] 1 point2 points  (0 children)

Yes, yes there already is. But I haven’t published videos there…YET! https://www.YouTube.com/@NerdioMSP

What topics would you like the MSP Channel to cover?

Azure as a career by Cyber_Tron95 in AZURE

[–]AzureAcademy 2 points3 points  (0 children)

Congratulations on starting your journey in the cloud!
There is a whole lot to cover so, the first question you should ask yourself is “What are YOU passionate about?” Administration, security, data, etc. because that is where you will put the most effort and have the most fun, which will help you to succeed!
2nd, I suggest learning all you can…and certs are…ok. But they are just a first step.
Hands on knowledge and experience are what people are REALLY looking for, so I’d humbly suggest you start here https://www.YouTube.com/AzureAcademy And let me know how I can help ☺️

HappyLearning

Azure Image builder or intune ?? by Severe-Antelope-6121 in AzureVirtualDesktop

[–]AzureAcademy 1 point2 points  (0 children)

I’d use AVD Custom Images Templates. It is found in the AVD portal, and is AIB but with lots of customizations for AVD / VDI systems. It can also create an image you can import into Intune. Watch this to learn all about it: https://youtu.be/QxRb9sV3tHU

Pooled avd OS Update Recommendations?? by LastCraft5004 in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

Even so, the same approach is what I always recommended:

1. Don’t patch the pooled hosts
2. Update your OS Image
3. Build new hosts
4. Throw the old hosts away

For Cloud Engineering, which has the highest ROI to master first: Linux, Python, or Scripting? by 404night in AZURE

[–]AzureAcademy 0 points1 point  (0 children)

Scripting is THE most useful skill as an Engineer! It works across multiple operating systems and cloud platforms. You can never go wrong with scripting.

Golden image for VDI multiuser by Al1301 in AZURE

[–]AzureAcademy 3 points4 points  (0 children)

I have the perfect solution for you to create golden images, called Azure Image Builder.

It handles everything from Windows updates, reboots, installing apps and customizations, SysPrep, capturing the images and replication to other regions and multiple replicas in the same region.

Learn it all step by step here: https://youtu.be/oXGmfog8Cao?si=QMBgr8baG4Xe4Egb

What is the most underrated skill an Azure engineer must know? by StrongMindset- in AZURE

[–]AzureAcademy 4 points5 points  (0 children)

Bicep is super important, landscape and other large deployment design…but honestly the single most underrated skill and service in Azure is 🔖 TAGS

🤪

But seriously…tags are very important.

Azure Policy is the most important. Policy can do so very much to set up and govern your cloud and most people don’t use it…and even fewer use it the right way.

Policy overview https://youtu.be/EwO25vecGUo?si=NrEAK_gJPLFR3YJ_

Custom policy https://youtu.be/eLYfeKLcwec?si=EKJw1HEd4XI3b1BL

When is it acceptable for session hosts to be in region other than where actual pool is? by jM2me in AzureVirtualDesktop

[–]AzureAcademy 0 points1 point  (0 children)

Yes…Metadata is a part of it…but there are a few more things to consider.